diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index ce4b14631..b0dd2c116 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -852,7 +852,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint64_t ui64Key = bytes_to_num(datain, 6); uint32_t cuid = 0; - int16_t isOK = 0; + int16_t isOK = PM3_SUCCESS; uint16_t num_nonces = 0; uint8_t nt_par_enc = 0; uint8_t cascade_levels = 0; @@ -882,7 +882,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, // Test if the action was cancelled if (BUTTON_PRESS()) { - isOK = 2; + isOK = PM3_EOPABORTED; field_off = true; break; } @@ -917,7 +917,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, if (slow) SpinDelayUs(HARDNESTED_PRE_AUTHENTICATION_LEADTIME); - uint32_t nt1; + uint32_t nt1 = 0; if (mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1, NULL)) { if (g_dbglevel >= DBG_ERROR) Dbprintf("AcquireEncryptedNonces: Auth1 error"); continue; @@ -939,7 +939,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, memcpy(buf + i, receivedAnswer, 4); nt_par_enc = par_enc[0] & 0xf0; } else { - nt_par_enc |= par_enc[0] >> 4; + nt_par_enc |= par_enc[0] >> 4; memcpy(buf + i + 4, receivedAnswer, 4); memcpy(buf + i + 8, &nt_par_enc, 1); i += 9; @@ -2465,6 +2465,8 @@ OUT: void MifareHasStaticNonce(void) { + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + // variables int retval = PM3_SUCCESS; uint32_t nt = 0; diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index a4b6243b4..c561c8091 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c 
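Review bot: `isOK` in MifareAcquireEncryptedNonces stays an `int16_t` while the two changed assignments now store PM3 status codes in it, and `PM3_EOPABORTED` appears to be negative (a client hunk in this commit replaces a `case -5` with it). The call that sends `isOK` back to the host is outside these hunks; if it travels in an unsigned reply argument, the client has to read it back into a signed type before comparing, or a button abort will not match `PM3_EOPABORTED`. The value reported on a button press also changes from 2, so firmware and client have to be updated together. A comment at the declaration such as `// PM3_* status code reported to the client` would record the new contract.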
@@ -430,9 +430,9 @@ static int CmdHF14AMfDarkside(const char *Cmd) { t1 = msclock() - t1; switch (isOK) { - case -1 : - PrintAndLogEx(WARNING, "button pressed, aborted"); - return PM3_ESOFT; + case PM3_EOPABORTED: + PrintAndLogEx(WARNING, "button pressed or aborted via keyboard. aborted"); + return PM3_EOPABORTED; case -2 : PrintAndLogEx(FAILED, "card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests)"); return PM3_ESOFT; @@ -443,9 +443,6 @@ static int CmdHF14AMfDarkside(const char *Cmd) { PrintAndLogEx(FAILED, "card is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown"); PrintAndLogEx(FAILED, "generating polynomial with 16 effective bits only, but shows unexpected behaviour"); return PM3_ESOFT; - case PM3_EOPABORTED : - PrintAndLogEx(WARNING, "aborted via keyboard"); - return PM3_EOPABORTED; default : PrintAndLogEx(SUCCESS, "found valid key: "_GREEN_("%012" PRIx64), key); break; @@ -1432,6 +1429,7 @@ static int CmdHF14AMfNested(const char *Cmd) { //TODO: single mode broken? can't PrintAndLogEx(ERR, "Unknown error.\n"); } return PM3_SUCCESS; + } else { // ------------------------------------ multiple sectors working uint64_t t1 = msclock(); @@ -1576,7 +1574,7 @@ jumptoend: PrintAndLogEx(ERR, "Failed to save keys to file"); free(e_sector); free(fptr); - return PM3_ESOFT; + return PM3_EFILE; } free(fptr); } @@ -1606,7 +1604,7 @@ static int CmdHF14AMfNestedStatic(const char *Cmd) { arg_lit0("a", NULL, "Input key specified is keyA (def)"), arg_lit0("b", NULL, "Input key specified is keyB"), arg_lit0("e", "emukeys", "Fill simulator keys from found keys"), - arg_lit0(NULL, "dumpkeys", "Dump found keys to file"), + arg_lit0(NULL, "dumpkeys", "Dump found keys to file"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); 
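Review bot: In the `switch (isOK)` of CmdHF14AMfDarkside the new `case PM3_EOPABORTED:` sits beside bare literals such as `case -2 :`, so symbolic PM3 codes and private negative numbers share one integer space. The AutoPWN hunk (at -2503) drops a `case -5` in favour of `PM3_EOPABORTED`, which suggests PM3 codes are small negative integers too; a PM3 code returned by mfDarkside that happens to equal one of the remaining literals would then be reported as "card is not vulnerable". Named constants for the Darkside-specific results, kept outside the PM3 range or mapped to PM3 codes inside mfDarkside, would remove the ambiguity; the same mix remains in the CmdHF14AMfAutoPWN switch (hunk at -2490). The merged text `button pressed or aborted via keyboard. aborted` also repeats itself and could end after `keyboard`.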
@@ -1634,7 +1632,6 @@ static int CmdHF14AMfNestedStatic(const char *Cmd) { bool transferToEml = arg_get_lit(ctx, 9); bool createDumpFile = arg_get_lit(ctx, 10); - CLIParserFree(ctx); //validations @@ -1689,7 +1686,8 @@ static int CmdHF14AMfNestedStatic(const char *Cmd) { uint64_t t1 = msclock(); e_sector = calloc(SectorsCnt, sizeof(sector_t)); - if (e_sector == NULL) return PM3_EMALLOC; + if (e_sector == NULL) + return PM3_EMALLOC; // add our known key e_sector[mfSectorNum(blockNo)].foundKey[keyType] = 1; @@ -1825,7 +1823,7 @@ jumptoend: PrintAndLogEx(ERR, "Failed to save keys to file"); free(e_sector); free(fptr); - return PM3_ESOFT; + return PM3_EFILE; } free(fptr); } @@ -1987,8 +1985,9 @@ static int CmdHF14AMfNestedHard(const char *Cmd) { if (nonce_file_write) { char *fptr = GenerateFilename("hf-mf-", "-nonces.bin"); - if (fptr == NULL) - return 1; + if (fptr == NULL) { + return PM3_EFILE; + } strncpy(filename, fptr, FILE_PATH_SIZE - 1); free(fptr); } @@ -2034,18 +2033,17 @@ static int CmdHF14AMfNestedHard(const char *Cmd) { if (isOK) { switch (isOK) { - case 1 : + case PM3_ETIMEOUT : PrintAndLogEx(ERR, "Error: No response from Proxmark3.\n"); break; - case 2 : - PrintAndLogEx(NORMAL, "Button pressed. Aborted.\n"); + case PM3_EOPABORTED: + PrintAndLogEx(WARNING, "Button pressed. Aborted.\n"); break; default : break; } - return 2; } - return 0; + return isOK; } static int CmdHF14AMfAutoPWN(const char *Cmd) { @@ -2238,7 +2236,7 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) { uint64_t select_status = resp.oldarg[0]; if (select_status == 0) { PrintAndLogEx(WARNING, "iso14443a card select failed"); - return select_status; + return PM3_ECARDEXCHANGE; } // store card info 
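Review bot: In the hunk at -2034 the outer `if (isOK)` in CmdHF14AMfNestedHard no longer changes anything, because `return isOK;` now runs on every path and the switch's `default : break;` already covers the success value. Dropping the wrapper and keeping only the `switch (isOK)` followed by `return isOK;` reads more directly. The `default` branch is also silent for every other non-zero code; if the callee (outside the hunk) can fail without printing, a generic line such as `PrintAndLogEx(ERR, "Hardnested failed (%d)", isOK);` there would keep the failure visible.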
@@ -2263,10 +2261,10 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
 if (has_staticnonce == NONCE_NORMAL) {
 prng_type = detect_classic_prng();
 if (prng_type < 0) {
- PrintAndLogEx(FAILED, "\nNo tag detected or other tag communication error");
+ PrintAndLogEx(FAILED, "\nNo tag detected or other tag communication error (%u)", prng_type);
 free(e_sector);
 free(fptr);
- return prng_type;
+ return PM3_ESOFT;
 }
 }
@@ -2490,8 +2488,8 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
 isOK = mfDarkside(mfFirstBlockOfSector(sectorno), keytype + 0x60, &key64);
 switch (isOK) {
- case -1 :
- PrintAndLogEx(WARNING, "\nButton pressed. Aborted.");
+ case PM3_EOPABORTED :
+ PrintAndLogEx(WARNING, "\nButton pressed or aborted via keyboard");
 goto noValidKeyFound;
 case -2 :
 PrintAndLogEx(FAILED, "\nCard is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).");
@@ -2503,9 +2501,6 @@ static int CmdHF14AMfAutoPWN(const char *Cmd) {
 PrintAndLogEx(FAILED, "\nCard is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown");
 PrintAndLogEx(FAILED, "generating polynomial with 16 effective bits only, but shows unexpected behaviour.");
 goto noValidKeyFound;
- case -5 :
- PrintAndLogEx(WARNING, "\naborted via keyboard.");
- goto noValidKeyFound;
 default :
 PrintAndLogEx(SUCCESS, "\nFound valid key [ " _GREEN_("%012" PRIx64) " ]\n", key64);
 break;
@@ -2590,7 +2585,7 @@ noValidKeyFound:
 clearCommandBuffer();
 SendCommandNG(CMD_HF_MIFARE_READBL, (uint8_t *)&payload, sizeof(mf_readblock_t));
- if (!WaitForResponseTimeout(CMD_HF_MIFARE_READBL, &resp, 1500)) goto skipReadBKey;
+ if (WaitForResponseTimeout(CMD_HF_MIFARE_READBL, &resp, 1500) == false) goto skipReadBKey;
 if (resp.status != PM3_SUCCESS) goto skipReadBKey;
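Review bot: The new message in the hunk at -2263 prints `prng_type` with `%u`, but this branch is only reached when `prng_type < 0`, so the value is signed and negative; the conversion mismatches the argument type and would show a large unsigned number instead of the error code. Use `%d`: `PrintAndLogEx(FAILED, "\nNo tag detected or other tag communication error (%d)", prng_type);`. The function now returns `PM3_ESOFT` instead of the detector's own value; if detect_classic_prng already returns PM3 codes (its definition is outside the hunk), passing `prng_type` through would keep the cause visible to the caller.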
@@ -2642,13 +2637,13 @@ tryNested:
 PrintAndLogEx(ERR, "\nError: No response from Proxmark3.");
 free(e_sector);
 free(fptr);
- return PM3_ESOFT;
+ return isOK;
 }
 case PM3_EOPABORTED: {
 PrintAndLogEx(WARNING, "\nButton pressed. Aborted.");
 free(e_sector);
 free(fptr);
- return PM3_EOPABORTED;
+ return isOK;
 }
 case PM3_EFAILED: {
 PrintAndLogEx(FAILED, "Tag isn't vulnerable to Nested Attack (PRNG is probably not predictable).");
@@ -2679,7 +2674,7 @@ tryNested:
 PrintAndLogEx(ERR, "unknown Error.\n");
 free(e_sector);
 free(fptr);
- return PM3_ESOFT;
+ return isOK;
 }
 }
@@ -2697,11 +2692,11 @@ tryHardnested: // If the nested attack fails then we try the hardnested attack
 DropField();
 if (isOK) {
 switch (isOK) {
- case 1: {
+ case PM3_ETIMEOUT: {
 PrintAndLogEx(ERR, "\nError: No response from Proxmark3");
 break;
 }
- case 2: {
+ case PM3_EOPABORTED: {
 PrintAndLogEx(NORMAL, "\nButton pressed, user aborted");
 break;
 }
@@ -2736,13 +2731,13 @@ tryStaticnested:
 PrintAndLogEx(ERR, "\nError: No response from Proxmark3");
 free(e_sector);
 free(fptr);
- return PM3_ESOFT;
+ return isOK;
 }
 case PM3_EOPABORTED: {
 PrintAndLogEx(WARNING, "\nButton pressed, user aborted");
 free(e_sector);
 free(fptr);
- return PM3_EOPABORTED;
+ return isOK;
 }
 case PM3_SUCCESS: {
 e_sector[current_sector_i].Key[current_key_type_i] = bytes_to_num(tmp_key, 6);
diff --git a/client/src/cmdhfmfhard.c b/client/src/cmdhfmfhard.c
index a8455deab..2d373e451 100644
--- a/client/src/cmdhfmfhard.c
+++ b/client/src/cmdhfmfhard.c
@@ -1043,7 +1043,7 @@ static int read_nonce_file(char *filename) {
 if (filename == NULL) {
 PrintAndLogEx(WARNING, "Filename is NULL");
- return 1;
+ return PM3_EINVARG;
 }
 FILE *fnonces = NULL;
 char progress_text[80] = "";
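Review bot: In the `tryHardnested` switch (hunk at -2697) the renamed `case PM3_EOPABORTED:` still logs at `NORMAL`, while the `tryNested` and `tryStaticnested` branches on this page log the same abort at `WARNING`, and this commit raises the matching message in CmdHF14AMfNestedHard to `WARNING` as well. For consistent output I would change the line to `PrintAndLogEx(WARNING, "\nButton pressed, user aborted");`. The switch continues past the end of the hunk, so any later cases are not visible here.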
@@ -1052,7 +1052,7 @@ static int read_nonce_file(char *filename) {
 num_acquired_nonces = 0;
 if ((fnonces = fopen(filename, "rb")) == NULL) {
 PrintAndLogEx(WARNING, "Could not open file " _YELLOW_("%s"), filename);
- return 1;
+ return PM3_EFILE;
 }
 snprintf(progress_text, 80, "Reading nonces from file " _YELLOW_("%s"), filename);
@@ -1061,7 +1061,7 @@ static int read_nonce_file(char *filename) {
 if (bytes_read != 6) {
 PrintAndLogEx(ERR, "File reading error.");
 fclose(fnonces);
- return 1;
+ return PM3_EFILE;
 }
 cuid = bytes_to_num(read_buf, 4);
 uint8_t trgBlockNo = bytes_to_num(read_buf + 4, 1);
@@ -1095,7 +1095,7 @@ static int read_nonce_file(char *filename) {
 }
 if (got_match == false) {
 PrintAndLogEx(FAILED, "No match for the First_Byte_Sum (%u), is the card a genuine MFC Ev1? ", first_byte_Sum);
- return 1;
+ return PM3_ESOFT;
 }
 return PM3_SUCCESS;
 }
@@ -1417,7 +1417,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 if (WaitForResponseTimeout(CMD_ACK, &resp, 3000) == false) {
 DropField();
- return 1;
+ return PM3_ETIMEOUT;
 }
 // error during nested_hard
@@ -1432,7 +1432,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 if ((fnonces = fopen(filename, "wb")) == NULL) {
 PrintAndLogEx(WARNING, "Could not create file " _YELLOW_("%s"), filename);
 DropField();
- return 3;
+ return PM3_EFILE;
 }
 snprintf(progress_text, 80, "Writing acquired nonces to binary file " _YELLOW_("%s"), filename);
@@ -1481,7 +1481,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 if (got_match == false) {
 PrintAndLogEx(FAILED, "No match for the First_Byte_Sum (%u), is the card a genuine MFC Ev1? ", first_byte_Sum);
- return 4;
+ return PM3_EWRONGANSWER;
 }
 hardnested_stage |= CHECK_2ND_BYTES;
@@ -1515,7 +1515,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 fclose(fnonces);
 }
 DropField();
- return 1;
+ return PM3_ETIMEOUT;
 }
 // error during nested_hard
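Review bot: The `got_match == false` branch in acquire_nonces (hunk at -1481) returns `PM3_EWRONGANSWER` directly, whereas the timeout exit in the hunk at -1515 runs `fclose(fnonces)` and `DropField()` before returning. If the nonce file is still open and the field still on at that point (the surrounding code is outside the hunk), this early return leaks the handle and leaves the field powered; a `DropField();` and a guarded `fclose(fnonces);` before the return would match the other exits. The identical condition in read_nonce_file (hunk at -1095) returns `PM3_ESOFT`, so the same failure yields two different codes depending on where the nonces came from; choosing one lets callers handle it uniformly.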
@@ -2250,8 +2250,9 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc init_nonce_memory(); update_reduction_rate(0.0, true); - if (simulate_acquire_nonces() != PM3_SUCCESS) { - return 3; + int res = simulate_acquire_nonces(); + if ( res != PM3_SUCCESS) { + return res; } set_test_state(best_first_bytes[0]); @@ -2310,7 +2311,7 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc free_statelist_cache(); free_candidates_memory(candidates); candidates = NULL; - if (!key_found) { + if (key_found == false) { // update the statistics nonces[best_first_bytes[0]].sum_a8_guess[j].prob = 0; nonces[best_first_bytes[0]].sum_a8_guess[j].num_states = 0; @@ -2341,7 +2342,9 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc free_part_sum_bitarrays(); } fclose(fstats); + } else { + start_time = msclock(); print_progress_header(); snprintf(progress_text, sizeof(progress_text), "Brute force benchmark: %1.0f million (2^%1.1f) keys/s", brute_force_per_second / 1000000, log(brute_force_per_second) / log(2.0)); 
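Review bot: The simulated path in the hunk at -2250 returns `res` right after `init_nonce_memory()` with no teardown, while the non-simulated path in the later hunk (at -2353) calls `free_bitflip_bitarrays()`, `free_nonces_memory()` and the other free_* helpers before each error return. Unless simulate_acquire_nonces cleans up after itself (not visible here), this exit should release the same state, at the least `free_nonces_memory();` before `return res;`. Minor style point: `if ( res != PM3_SUCCESS)` has a stray space after the parenthesis, where the later hunk writes `if (res != PM3_SUCCESS)`. mfnestedhard begins and ends outside the hunk.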
@@ -2353,30 +2356,32 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 init_nonce_memory();
 update_reduction_rate(0.0, true);
+ int res;
 if (nonce_file_read) { // use pre-acquired data from file nonces.bin
- if (read_nonce_file(filename) != 0) {
+ res = read_nonce_file(filename);
+ if (res != PM3_SUCCESS) {
 free_bitflip_bitarrays();
 free_nonces_memory();
 free_bitarray(all_bitflips_bitarray[ODD_STATE]);
 free_bitarray(all_bitflips_bitarray[EVEN_STATE]);
 free_sum_bitarrays();
 free_part_sum_bitarrays();
- return 3;
+ return res;
 }
 hardnested_stage = CHECK_1ST_BYTES | CHECK_2ND_BYTES;
 update_nonce_data(false);
 float brute_force_depth;
 shrink_key_space(&brute_force_depth);
 } else { // acquire nonces.
- uint16_t is_OK = acquire_nonces(blockNo, keyType, key, trgBlockNo, trgKeyType, nonce_file_write, slow, filename);
- if (is_OK != 0) {
+ res = acquire_nonces(blockNo, keyType, key, trgBlockNo, trgKeyType, nonce_file_write, slow, filename);
+ if (res != PM3_SUCCESS) {
 free_bitflip_bitarrays();
 free_nonces_memory();
 free_bitarray(all_bitflips_bitarray[ODD_STATE]);
 free_bitarray(all_bitflips_bitarray[EVEN_STATE]);
 free_sum_bitarrays();
 free_part_sum_bitarrays();
- return is_OK;
+ return res;
 }
 }
@@ -2437,7 +2442,7 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 free_statelist_cache();
 free_candidates_memory(candidates);
 candidates = NULL;
- if (!key_found) {
+ if (key_found == false) {
 // update the statistics
 nonces[best_first_bytes[0]].sum_a8_guess[j].prob = 0;
 nonces[best_first_bytes[0]].sum_a8_guess[j].num_states = 0;
@@ -2453,5 +2458,5 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 free_sum_bitarrays();
 free_part_sum_bitarrays();
 }
- return 0;
+ return PM3_SUCCESS;
 }
diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c
index 4f8440325..3aa2d7702 100644
--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
@@ -80,7 +80,7 @@ int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key) { PacketResponseNG resp; if (WaitForResponseTimeout(CMD_HF_MIFARE_READER, &resp, 2000)) { if (resp.status == PM3_EOPABORTED) { - return -1; + return resp.status; } struct p { @@ -1271,6 +1271,8 @@ int detect_classic_nackbug(bool verbose) { if (verbose) PrintAndLogEx(SUCCESS, "press pm3-button on the Proxmark3 device to abort both Proxmark3 and client.\n"); + PrintAndLogEx(INFO, "." NOLF); + while (true) { PrintAndLogEx(NORMAL, "." NOLF);